NRL IPv6+IPsec Software Distribution

Alpha Release 4 -- Release Notes -- Abridged Version for WWW

Introduction

The NRL IPv6/IPsec Software Distribution is a reference implementation
of IPv6 and IP Security for the 4.4BSD-Lite networking software. It is freely
distributable (subject to U.S. export controls) and usable for commercial and
non-commercial purposes as long as the NRL and UC Berkeley license terms are
adhered to.

We have tested this software on SPARC systems using the UC Berkeley
4.4 BSD UNIX operating system with 4.4-Lite updates. We have also tested this
software on x86 systems running NetBSD 1.2, SPARC systems running NetBSD 1.2,
and x86 systems using BSDI 2.1. We believe that our code should be easily
portable to reasonable 4.4BSD derived systems (BSDI, NetBSD, OpenBSD, and
Lites). We believe that it would be difficult, though not impossible, to port
our code to other systems.

This implementation includes kernel networking software, a small
IPv6 support library, and several applications (e.g. telnet, telnetd, ping,
tftp, tftpd, socktest, netstat, ifconfig, ping, route, tcpdump) modified to
support IPv6/IPsec. This implementation also includes the NRL Key Engine
(aka PF_KEY) and applications to interface with it. There are manual pages
for the modified and new software, but they might not yet be as detailed as
one might like.

This "alpha-quality" release of the IPv6 software is intended to be
used by kernel hackers and implementers who want to get early access and
experience with IPv6 and IPsec. Use at your own risk. It is complete enough to
use for experimenting but it is not entirely complete. In some areas this is
because the IPv6 specifications are not yet stable.

What's New

Bug fixes

We now support the IPv6 BSD API specified in draft 5

More complete tunnel support. We now support encapsulating any of
IPv6/IPv4 over any of IPv6/IPv4, with or without security.